• ulterno
    link
    fedilink
    English
    arrow-up
    3
    ·
    4 days ago

    I’m guessing the ransomware gangs would be giving better payments than regular companies asking for pen-testing.

    But with this, comes other concerns:

    • Will the pen-tester be enticed to use the “authorised hacking” as an opportunity to install a backdoor of their own or do they maintain strict borders between both jobs?
      • I’m thinking, not so much, as, if they’re already doing something illegal, they might as well just go the extra mile.
    • At the same time, pen-testers working for one company might also be used for industrial espionage efforts, by competitors